Closed Bug 1367313 Opened 4 years ago Closed 3 years ago

Add a test case to inform people when someone tries to remove prefs that have fingerprinting concerns

Categories

(Core :: DOM: Security, enhancement, P1)

enhancement

Tracking

()

RESOLVED INVALID

People

(Reporter: timhuang, Assigned: timhuang)

References

(Blocks 1 open bug)

Details

(Whiteboard: [fingerprinting][tor][fp:m1] [domsecurity-active])

There are some prefs that Tor uses them to disable certain APIs or features when they have a fingerprinting concern, like 'dom.enable_resource_timing'. However, these prefs could be removed after they have been turned on by default for about 2 releases, for example, the pref 'dom.enable_user_timing' has been removed in Bug 1344669. Which is not ideal for Tor, even for us, to implement anti-fingerprinting.

In general, we have to figure out a way to inform developers that these prefs have fingerprinting concerns, so people have to think about it before removing it. Therefore, I proposed that we can use a test case to make this happen. This test case will report a failure when someone is trying to remove one of these prefs for informing them about this.
Whiteboard: [fingerprinting][tor][fp:m1] → [fingerprinting][tor][fp:m1] [domsecurity-active]
Resolve this bug as invalid since we are not going to rely on prefs for fingerprinting resistance.
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.